<?php
/*
  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com
*/
require('includes/application_top.php');

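// Open the link used by the raw mysql_* queries further down in this script.
// NOTE(review): the mysql_* extension was removed in PHP 7, so this script only runs on
// legacy PHP. tep_db_query() is usable right after application_top.php, so a shop
// connection presumably exists already - confirm whether this second connect is needed.
$connection = mysql_connect(DB_SERVER, DB_SERVER_USERNAME, DB_SERVER_PASSWORD);
if (!$connection) {
  die('Couldn\'t make connection.');
}

// Select the shop database on that link.
$db = mysql_select_db(DB_DATABASE, $connection);
if (!$db) {
  // The driver message can name the database, host or account. It goes to the server
  // log only; the client that requested the feed gets a generic message.
  error_log('RSS feed: mysql_select_db failed: ' . mysql_error($connection));
  die('Couldn\'t select database.');
}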

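// Resolve the feed language. An explicit ?language=<code> wins; otherwise the lookup
// falls back to the language directory held in $language.
// presumably $language is set by application_top.php - verify against that file

// Defaults, so later reads never hit an undefined variable when no language row matches.
$lang_code = '';
$lang_id = 0;

// Only accept a plain string from the query string (?language[]=x would deliver an array).
$requested_language = '';
if (isset($HTTP_GET_VARS['language']) && is_string($HTTP_GET_VARS['language'])) {
  $requested_language = $HTTP_GET_VARS['language'];
}

// Both values are placed inside a quoted SQL literal, so they go through the SQL-escaping
// helper. The previous code used tep_db_output(), which is the output-side helper (HTML
// escaping in stock osCommerce - confirm for this install) and does not make a value safe
// for a SQL string.
if ($requested_language === '') {
  // No language requested
  $lang_query = tep_db_query('select languages_id, code from ' . TABLE_LANGUAGES . ' where directory = \'' . tep_db_input($language) . '\'');
} else {
  $cur_language = tep_db_input(tep_db_prepare_input($requested_language));
  $lang_query = tep_db_query('select languages_id, code from ' . TABLE_LANGUAGES . ' where code = \'' . $cur_language . '\'');
}

// Keep the code (fr, en, etc.) and the id (1, 2, etc.) of the current language
if (tep_db_num_rows($lang_query)) {
  $lang_a = tep_db_fetch_array($lang_query);
  $lang_code = $lang_a['code'];
  // The id is concatenated into a later query, so it is held as an integer.
  $lang_id = (int)$lang_a['languages_id'];
}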

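// If the defaults of your catalog are not what you want in your RSS feed, then
// please change these three constants.
// The constant names are quoted: a bare name only worked through PHP's old
// undefined-constant fallback (a notice, later a warning), and PHP 8 turns it
// into a fatal Error.
// Enter an appropriate title for your website
define('RSS_TITLE', STORE_NAME);
// Enter your main shopping cart link
define('WEBLINK', HTTP_SERVER);
// Enter a description of your shopping cart
define('DESCRIPTION', TITLE);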
/////////////////////////////////////////////////////////////
// That's it. No more editing (unless you renamed DB tables or need to switch
// to SEO links via Apache URL rewriting).
/////////////////////////////////////////////////////////////

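// Channel-level values, taken from the shop configuration.
$store_name = STORE_NAME;
$rss_title = RSS_TITLE;
$weblink = WEBLINK;
$description = DESCRIPTION;
$email_address = STORE_OWNER_EMAIL_ADDRESS;

// UTF-8 conversion, done exactly once per value. utf8_encode() treats its input as
// ISO-8859-1, so running it repeatedly (as this section did before) re-encodes the
// already-converted bytes and garbles every non-ASCII character.
// assumes the configuration values are stored as ISO-8859-1 - TODO confirm
//
// String clean-up: the values are written into XML element content below, so the
// markup characters (& < > and both quote styles) are replaced by entities here.
// Without this a "&" or "<" in the shop name or description produces a malformed
// feed, and configuration text could introduce its own elements.
$store_name = htmlspecialchars(utf8_encode($store_name), ENT_QUOTES, 'UTF-8');
$rss_title = htmlspecialchars(utf8_encode($rss_title), ENT_QUOTES, 'UTF-8');
$weblink = htmlspecialchars(utf8_encode($weblink), ENT_QUOTES, 'UTF-8');
$description = htmlspecialchars(utf8_encode($description), ENT_QUOTES, 'UTF-8');
$email_address = htmlspecialchars(utf8_encode($email_address), ENT_QUOTES, 'UTF-8');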

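// Start sending the response
header('Content-Type: application/xml');

// 'r' is quoted: the bare word relied on PHP's undefined-constant fallback, which is a
// fatal Error on PHP 8. The date is taken once so the comment and <lastBuildDate> agree.
$build_date = date('r');

// "--" is not allowed inside an XML comment, so runs of hyphens in the shop name are
// collapsed before the name is written into one.
$comment_store_name = preg_replace('/-{2,}/', '-', $store_name);

// $lang_code is only set when the language lookup matched a row; fall back to an empty
// string and escape it, since it is written into element content.
$feed_language = htmlspecialchars(isset($lang_code) ? $lang_code : '', ENT_QUOTES, 'UTF-8');

echo '<?xml version="1.0" encoding="UTF-8" ?>' . "\n";
echo '<?xml-stylesheet href="http://www.w3.org/2000/08/w3c-synd/style.css" type="text/css"?>' . "\n";
echo '<!-- RSS for ' . $comment_store_name . ', generated on ' . $build_date . ' -->' . "\n";

// NOTE(review): $rss_title, $weblink, $description and $email_address are written into
// element content as-is below; they must already be XML-escaped when they reach this point.
?>
<rss version="0.92">
<channel>
<title><?php echo $rss_title; ?></title>
<link><?php echo $weblink; ?></link>
<description><?php echo $description; ?></description>
<webMaster><?php echo $email_address; ?></webMaster>
<language><?php echo $feed_language; ?></language>
<lastBuildDate><?php echo $build_date; ?></lastBuildDate>
<docs>http://blogs.law.harvard.edu/tech/rss</docs>
<?php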

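// Create SQL statement.
// cPath comes straight from the query string, so it is never concatenated into the
// statement as text: only an integer derived from it reaches the query.
$category = '';
if (isset($HTTP_GET_VARS['cPath']) && is_string($HTTP_GET_VARS['cPath'])) {
  $category = $HTTP_GET_VARS['cPath'];
}

// The row limit is a configuration value; force it to an integer before it goes after LIMIT.
$max_items = (int)MAX_DISPLAY_SEARCH_RESULTS;

if ($category !== '') {
  // A cPath such as "3_12" names a subcategory: the last segment is the category to list.
  $path_parts = explode('_', $category);
  // Anything non-numeric becomes 0, which matches no category.
  $category = (int)end($path_parts);
  $sql = 'SELECT p.products_id, products_model, products_image, products_price, products_tax_class_id FROM products p, products_to_categories pc WHERE p.products_id = pc.products_id AND pc.categories_id = ' . $category . ' AND products_status=1 ORDER BY products_id DESC LIMIT ' . $max_items;
} else {
  $sql = 'SELECT products_id, products_model, products_image, products_price,  products_tax_class_id FROM products WHERE products_status=1 ORDER BY products_id DESC LIMIT ' . $max_items;
}

// Execute SQL query and get result
$sql_result = mysql_query($sql, $connection) or die('Couldn\'t execute query.');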

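// Format results by row: one <item> per product.
// Every value concatenated into the per-product queries is cast to an integer first, and
// every value written into the feed is converted to UTF-8 and XML-escaped.
while ($row = mysql_fetch_array($sql_result)) {
  $id = (int)$row['products_id'];

  // RSS Links for Ultimate SEO (Gareth Houston 10 May 2005)
  $link = tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $id);

  $image = $row['products_image'];
  $price = $row['products_price'];
  // An empty or NULL tax class used to leave "tax_class_id =  LIMIT 1", a syntax error
  // that aborted the whole feed; as an integer it simply matches no tax rate.
  $tax_class_id = (int)$row['products_tax_class_id'];

  // Add VAT if product subject to VAT (might not be perfect if you have different VAT zones)
  $sql3 = 'SELECT tax_rate FROM tax_rates WHERE tax_class_id = ' . $tax_class_id . ' LIMIT 1';
  $sql3_result = mysql_query($sql3, $connection) or die('Couldn\'t execute query.');
  $row3 = mysql_fetch_array($sql3_result);
  mysql_free_result($sql3_result);
  // No matching rate means no tax: the multiplier stays at 1.
  $tax_rate = $row3 ? (float)$row3['tax_rate'] : 0.0;
  $price = $currencies->format($price * (($tax_rate / 100) + 1));

  // Select the product name and description in the feed language
  $feed_lang_id = isset($lang_id) ? (int)$lang_id : 0;
  $sql2 = 'SELECT products_name, products_description FROM products_description WHERE products_id = ' . $id . ' AND language_id = ' . $feed_lang_id . ' LIMIT 1';
  $sql2_result = mysql_query($sql2, $connection) or die('Couldn\'t execute query.');
  $row2 = mysql_fetch_array($sql2_result);
  mysql_free_result($sql2_result);

  // A product without a description row in this language gets empty strings.
  $name = $row2 ? $row2['products_name'] : '';
  $desc = $row2 ? $row2['products_description'] : '';

  // Everyone seems to leave the HTML tags in
  #$name = strip_tags($name);
  #$desc = strip_tags($desc);
  #$price = strip_tags($price);

  // http://www.w3.org/TR/REC-xml/#dt-chardata
  // "The ampersand character (&) and the left angle bracket (<) MUST NOT appear in their literal form"
  // Convert to UTF-8 (utf8_encode() assumes ISO-8859-1 input - TODO confirm the database
  // charset), then replace & < > with entities. ENT_NOQUOTES leaves quotes alone, which
  // is fine in element content.
  $name = htmlspecialchars(utf8_encode($name), ENT_NOQUOTES, 'UTF-8');
  $desc = htmlspecialchars(utf8_encode($desc), ENT_NOQUOTES, 'UTF-8');
  $link = htmlspecialchars(utf8_encode($link), ENT_NOQUOTES, 'UTF-8');
  // Only used by the disabled <price> element below.
  $price = utf8_encode($price);

  // The image file name is catalog data too, so the URL gets the same treatment as the
  // other values; it used to be written into <url> unescaped.
  $image_url = htmlspecialchars(utf8_encode(HTTP_SERVER . DIR_WS_CATALOG . DIR_WS_IMAGES . $image), ENT_NOQUOTES, 'UTF-8');

  // Write the record
  echo '<item>' . "\n";
  echo '  <title>' , $name , '</title>' . "\n";
  echo '  <link>' , $link , '</link>' . "\n";
  echo '  <description>' . "\n";
  echo $desc . "\n";
  echo '  </description>' . "\n";
  //No RSS-compliant#echo '  <price>' . $price . '</price>' . "\n";
  if ($image != '') {
    echo '  <image>' . "\n";
    echo '    <url>' . $image_url . '</url>' . "\n";
    echo '    <title>' . $name . '</title>' . "\n";
    echo '    <link>' . $link . '</link>' . "\n";
    echo '  </image>' . "\n";
  }
  echo '</item>' . "\n";
}
// free resources and close connection
mysql_free_result($sql_result);
mysql_close($connection);
?>
</channel>
</rss>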
